Boston-Area Hospital to Pay $1.5 Million to Settle HIPAA Violations Over Security Breach


On September 17, 2012, Massachusetts Eye and Ear Infirmary, a Boston area hospital, has agreed to pay $1.5 million to the U.S. Department of Health and Human Services to settle allegations of violations of the HIPAA Security Rule. The hospital was investigated by the Office of Civil Rights (OCR) after the hospital submitted a breach report in April of 2010 notifying the OCR of the theft of a personal laptop containing unencrypted electronic protected health information (PHI) of hospital patients and research subjects.

OCR’s subsequent investigation discovered that the hospital failed to comply with various requirements of the HIPAA Security Rule when it failed to...

Please see full alert below for more information.

LOADING PDF: If there are any problems, click here to download the file.